com.ibm.security.keystoreski

Interface KeyStoreSKI

public interface KeyStoreSKI

Provides the ability to extract information from a KeyStore given a Subject Key Identifier (SKI). The Subject Key Identifier is an extension of the X.509 Public Key Infrastructure, which is described in RFC 3280 Section 4.2.1.2. This interface assumes that all entries within a key store have unique Subject Key Identifier values, which is typically the case (though not mandated by the specification).

See Also:

Certificate, PrivateKey, PublicKey, KeyStore, SKIDefinitionFactory, RFC 3280 Section 4.2.1.2

Method Summary

Modifier and Type	Method and Description
String	getAlias(String subjectKeyIdentifier, SKIDefinition definition) Returns the first instance of the alias associated with a certificate in a KeyStore that has a subject key identifier matches subjectKeyIdentifier.
Certificate	getCertificate(String subjectKeyIdentifier, SKIDefinition definition) Returns the first instance of the certificate in a KeyStore that has a subject key identifier matches subjectKeyIdentifier.
PrivateKey	getPrivateKey(String subjectKeyIdentifier, SKIDefinition definition, char[] password) Returns the first instance of a private key that has an end entity certificate in a KeyStore that has a subject key identifier matches subjectKeyIdentifier.

Method Detail

getPrivateKey

PrivateKey getPrivateKey(String subjectKeyIdentifier,
                         SKIDefinition definition,
                         char[] password)
                  throws KeyStoreException

Returns the first instance of a private key that has an end entity certificate in a KeyStore that has a subject key identifier matches subjectKeyIdentifier. Returns null if no such certificate can be found. The definition of a Subject Key Identifier definition forms part of the criteria that defines how to obtain the subject key identifier from a Certificate.

Parameters:

subjectKeyIdentifier - The SubjectKeyIdentifier to be used as the matching criteria.

definition - An instance of SKIDefinition type that control how to obtain the SKI from a Certificate. SKIDefinition instances can be created using SKIDefinitionFactory.

password - The KeyStore password.

Returns:

The first instance of a private key that has an end entity certificate in a KeyStore that has a subject key identifier matching subjectKeyIdentifier.

Throws:

NullPointerException - If any of the parameters was null.

KeyStoreException - If an error occurs while extracting private key and certificate information from the key store.

getCertificate

Certificate getCertificate(String subjectKeyIdentifier,
                           SKIDefinition definition)
                    throws KeyStoreException

Returns the first instance of the certificate in a KeyStore that has a subject key identifier matches subjectKeyIdentifier. Returns null if no such certificate can be found. The definition of a Subject Key Identifier definition forms part of the criteria that defines how to obtain the subject key identifier from a Certificate.

Parameters:

subjectKeyIdentifier - The SubjectKeyIdentifier to be used as the matching criteria.

definition - An instance of SKIDefinition type that control how to obtain the SKI from a Certificate. SKIDefinition instances can be created using SKIDefinitionFactory.

Returns:

The first a certificate in a KeyStore that has a subject key identifier matching subjectKeyIdentifier.

Throws:

NullPointerException - If any of the parameters was null.

KeyStoreException - If an error occurs while extracting public key and certificate information from the key store.

getAlias

String getAlias(String subjectKeyIdentifier,
                SKIDefinition definition)
         throws KeyStoreException

Returns the first instance of the alias associated with a certificate in a KeyStore that has a subject key identifier matches subjectKeyIdentifier. Returns null if no such certificate can be found. The definition of a Subject Key Identifier definition forms part of the criteria that defines how to obtain the subject key identifier from a Certificate.

Parameters:

subjectKeyIdentifier - The SubjectKeyIdentifier to be used as the matching criteria.

definition - An instance of SKIDefinition type that control how to obtain the SKI from a Certificate. SKIDefinition instances can be created using SKIDefinitionFactory.

Returns:

The first instance of the alias associated with an end entity certificate in a KeyStore that has a subject key identifier matching subjectKeyIdentifier.

Throws:

NullPointerException - If any of the parameters was null.

KeyStoreException - If an error occurs while extracting certificate information from the key store.